Summary
A stored cross-site scripting vulnerability exists. It allows a user to embed arbitrary JavaScript in the message field of the "Edit Signature" page and save a signature containing an XSS payload.
Details
Affected source code file: https://github.com/YAFNET/YAFNET/blob/netfx/yafsrc/YetAnotherForum.NET/Pages/Profile/EditSignature.ascx.cs (web page: http://your-ip.com/forum/Profile/EditSignature)
Affected version: YAFNET 3.1.11
The message field of the "Edit Signature" page accepts arbitrary JavaScript, so a user can save a signature containing an XSS payload.
Because the signature is displayed underneath every post the user has previously published, the payload runs in the browser of anyone who views those pages, including visitors who are not logged in.
It can potentially lead to credential disclosure in trusted sessions.
PoC
<img src=/ onmouseover=alert('XSS_from_chtsec_user')>
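As an added illustration (not YAFNET's code or its fix), this is an allow-list sanitizer a forum could apply to a signature before storing or rendering it; run on the payload above it removes the img element together with its onmouseover handler, and it also handles unbalanced tags and javascript: links, which the advisory does not discuss. The allowed tag set, the http(s)-only href rule and the rel="nofollow" on links are my assumptions.

```python
# Allow-list sanitizer for forum signatures (constructed example, not YAFNET code).
# A signature renders under every post of its author, so it is untrusted HTML: keep a
# few formatting tags, drop everything else (incl. on* handlers), entity-encode text.
from html import escape
from html.parser import HTMLParser

ALLOWED_TAGS = {"b", "i", "u", "em", "strong"}  # kept, always without attributes
SAFE_SCHEMES = ("http://", "https://")          # the only hrefs an <a> may keep

class SignatureSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out, self.open_tags, self.dropped = [], [], []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag in ALLOWED_TAGS:
            self.out.append(f"<{tag}>")
            self.open_tags.append(tag)
        elif tag == "a" and (attrs.get("href") or "").lower().startswith(SAFE_SCHEMES):
            self.out.append(f'<a href="{escape(attrs["href"])}" rel="nofollow">')
            self.open_tags.append("a")
        else:  # img, script, iframe, <a href="javascript:..."> etc. are removed whole
            self.dropped.append(tag)
        for name in attrs:  # record stripped on* handlers, whatever the tag
            if name.startswith("on"):
                self.dropped.append(f"{tag}@{name}")

    def handle_endtag(self, tag):
        if tag in self.open_tags:
            while True:  # close intervening tags so the output stays well-formed
                top = self.open_tags.pop()
                self.out.append(f"</{top}>")
                if top == tag:
                    break

    def handle_data(self, data):
        self.out.append(escape(data))  # text is always entity-encoded

    def result(self):
        while self.open_tags:  # close anything the author left open
            self.out.append(f"</{self.open_tags.pop()}>")
        return "".join(self.out)

def sanitize_signature(raw):
    """Return (safe_html, dropped): markup safe to render, and what was stripped."""
    p = SignatureSanitizer()
    p.feed(raw)
    p.close()
    return p.result(), p.dropped
```

The `dropped` list is what a moderation log would record, so a signature save that strips an `on*` handler can be flagged without blocking legitimate formatting.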
Impact
Stored XSS (Cross-Site Scripting) in YAFNET version 3.1.11. Anyone who views a post by a user with a malicious signature is impacted, including visitors who are not logged in.
Reference
https://drive.google.com/drive/folders/1iJuhjLQy3QPIgKKgWUzEEfr_q0boaR00?usp=sharing